Bug 115223 - SSL parameters not taken in account
Summary: SSL parameters not taken in account
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: redhat-config-httpd
Version: 3.0
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Phil Knirsch
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-02-09 10:55 UTC by jean-claude jouffre
Modified: 2015-03-05 01:13 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2004-07-30 14:55:40 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description jean-claude jouffre 2004-02-09 10:55:30 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; fr; rv:1.5)
Gecko/20031007 Firebird/0.7

Description of problem:
when creating a secure virtual host, no SSL parameter is written in
httpd.conf

Version-Release number of selected component (if applicable):
1.1.0-4

How reproducible:
Always

Steps to Reproduce:
1. create a virtual host
2. in SSL page, select SSL support
3. modify or not some options
4. validate all screens
5. the httpd.conf does not contain SSL parameters we have choosen
previously, but only "strange directives" :
   <IfDefine HAVE_SSL>
   </IfDefine>
    

Actual Results:  in httpd.conf, parameters :
<VirtualHost 1.2.3.4>
   <IfDefine HAVE_SSL>
   </IfDefine>


Expected Results:  <VirtualHost 1.2.3.4>
   SSLEngine on
   SSLCertificateFile /myfile1
   SSLCertificateKeyFile /myfile2
   SSLCertificateChainFile /myfile2
   SSLOptions FakeBasicAuth ExportCertData ...



Additional info:

here are some workarounds I made to let it work, but I don't know if
these are the proper fixes :
1) in /usr/share/redhat-config-httpd/ApacheControl.py file
   in _dehydrate_vhost_page_3 method, adding a string conversion :
      vhost.SSLCertificateFile = str(widget.get_text ())
      vhost.SSLCertificateKeyFile = str(widget.get_text ())
      vhost.SSLCertificateChainFile = str(widget.get_text ())
      vhost.SSLCACertificateFile = str(widget.get_text ())
   no need for SLLLog and SSLLogLevel (see 115221 bug)
2) in /usr/share/redhat-config-httpd/httpd.conf.xsl file
   in Virtual hosts part
      removing lines (I didn't understand their purpose) :
            <xsl:for-each select="SSLEngine">
            &lt;IfDefine HAVE_SSL>
         later on :
            </xsl:for-each>
         then :
            &lt;/IfDefine>
      adding the line :
         <xsl:for-each select="SSLOptions">SSLOptions <xsl:value-of
select="@VALUE" /></xsl:for-each>
      after the line :
<xsl:for-each select="SSLCACertificatePath">SSLCACertificatePath
<xsl:value-of select="@VALUE" /></xsl:for-each>

Comment 1 Phil Knirsch 2004-07-30 14:55:40 UTC
OK, that makes sense.

Including fixes, latest rawhide version s-c-h-1.2.1-1 will contain the
changes.

Read ya, Phil


Note You need to log in before you can comment on or make changes to this bug.